Skip to content

CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files

Moderate severity GitHub Reviewed Published May 1, 2022 to the GitHub Advisory Database • Updated Jan 30, 2023

Package

composer cakephp/cakephp (Composer)

Affected versions

>= 1.0.1.2708, < 1.1.8.3544

Patched versions

1.1.8.3544

Description

Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with %00 and a .js filename.

References

Published by the National Vulnerability Database Sep 27, 2006
Published to the GitHub Advisory Database May 1, 2022
Reviewed Jan 14, 2023
Last updated Jan 30, 2023

Severity

Moderate

EPSS score

1.312%
(86th percentile)

Weaknesses

CVE ID

CVE-2006-5031

GHSA ID

GHSA-rw73-xmpv-j5x2

Source code

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.